Websites owned by Inbox.com AS offer email services and other related services, collectively referred to as the “Service”.
The Service is owned in its entirety by Inbox.com AS (“the Company”, “we” or “us”). The Company is registered and located in Norway, with organization number 920 243 347.
This Privacy Statement was originally written in English; and has been translated into other languages for your convenience. In the event of any inconsistencies between the original version and a translated version, the original (English) version shall prevail.
We are responsible for the protection of your personal data, and we take this responsibility very seriously.
This Privacy Statement explains what personal data we collect; why we collect data about you; how we use this data; and how we store the data.
By accepting this Privacy Statement, you consent to the processing of your personal data as described in this Privacy Statement.
Processing of personal data takes place in compliance with the General Data Protection Regulation (GDPR) as well as with the country-specific data protection laws applicable to the Company.
The Data Controller is:
Inbox.com AS
Øvre Måsan 10C
1385 ASKER
Norway
hello@corp.inbox.com
To deliver the Service with high quality, we need to collect various types of information, including personal data about you. Below is an overview of how we typically collect personal data and what information this typically is. We do not collect sensitive information.
a) Information provided directly by you
When you register an account or contact us, you provide some information that is stored by us, such as name, email address, mobile number, and payment related information.
b) Information obtained through use of the Service
When you use the Service, we may collect certain information, such as your device (e.g., mobile/PC manufacturer, operating system, and browser) and your connection (such as you IP addresses).
Our email service logs all emails that enter and leave the server, login attempts, etc., as well as information about this traffic (such as the IP address and email address of the sender of an email or of the person trying to log in). This logging is done to prevent abuse of the Service and to help you in the event of problems (such as blacklisting of your IP address). The log will be stored on our servers for a maximum of 12 months.
By using the email service, you choose which data we will store on your behalf (such as received emails, sent emails and contacts).
When you use the Service or visit our websites, cookies and other data may be stored on your device, which can later be read by us. A cookie is a text file that is placed in your browser’s internal memory.
We only use cookies that are defined as strictly necessary. This means that the cookie is required for the Service to function properly (e.g., to keep you signed into the webmail).
You have the option to prevent us from placing such cookies in your browser. Most modern browsers are set to accept cookies automatically, but you can choose to change the settings yourself so that cookies are not accepted. The disadvantage of disabling cookies in your browser is that the Service will not function optimally.
We use personal data for the following purposes:
a) To be able to provide the Service
We use personal data to make sure you can maintain access to the Service. For example, we need your contact details to help you reset your email account password.
If you contact our customer support, we may also need to know who you are, to be able to help you.
Furthermore, we need your contact details to be able to contact you with important information about your email account.
b) To prevent misuse of the Service
We use personal data to prevent misuse of the Service. Abuse can be attempts to log into other individual’s email accounts, attempts at fraud, “spamming”, incitement, harassment, and other actions prohibited by law or by our Terms of Service.
c) To comply with law
We are required to store certain personal data, like your purchase history, to comply with law (notably, the Norwegian accounting act and consumer purchase act).
Although the legal basis that applies for our data processing is usually a requirement necessary to enter into a contract, other legal basis may also apply. In any case, please feel free to contact us, and we will gladly help to clarify the legal basis that applies to any specific data processing.
We do not sell your personal data or use data stored in your mailbox for commercial purposes.
We do share personal data with other companies that perform services on our behalf, and we are sometimes required to share information with public authorities:
a) When others perform services on our behalf
To a large extent, IT development, IT operations, data storage, and Customer support is carried out by third parties.
To control the access and usage of personal data by such third parties, we have entered into separate data processing agreements with the companies that process information on our behalf. These third parties are not allowed to use any personal data for any other purposes than to perform the agreed services on our behalf.
For the execution of card payments your card data will be shared with our payment service provider Stripe. This includes the transfer of personal data into a third country (USA). Our agreement with Stripe defines the appropriate method for such transfer, so that the data is only processed in compliance with GDPR and for the purpose of payment execution.
b) When required by public authorities
If an offense or violation of law is suspected, any stored personal information and other information of interest, may be handed over to public authorities.
We normally do not share any such information without being presented with a valid court order that specifies exactly what data we are required to share with the public authorities.
Data about customers’ purchase history may also be shared with public authorities to ensure or prove compliance with existing laws and regulations.
a) How data is stored
The security of your personal data is important for us. All personal data is kept secure and protected from unauthorized access.
We use appropriate security measures to protect personal data under our control against unauthorized access, collection, use, disclosure, modification, or disposal.
Email data and account data (such as name, email addresses, and mobile number) is stored on servers within the European Economic Area (EEA) through our third-party providers.
If sending an email to our support team, the support ticket will be stored in our ticketing system Zendesk (USA).
Payment information is stored with Stripe (USA) and NETS (EU).
b) Data retention policy
You can delete your email account in the webmail under “My account”.
Lack of an active subscription or successful renewal will also lead to account and data deletion.
Please refer to the Terms of Service for important information about our data retention policy.
You may exercise certain rights regarding your data. In particular, you have the right to:
We reserve the right to make changes to this Privacy Statement at any time without giving further notice. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom of this page.
In the event of major overhauls or changes, we will usually send a notification to your email address at the Service.
Please also refer to the Terms of Service for additional information about the terms and conditions that applies for the Service.
Contact information for each of our email brand is easily accessible through the website of the email brand.
Inquiries regarding this Privacy Statement can also be sent via the contact information listed under section 1 of this Privacy Statement.
Updated: 31st of November 2022
© 2024 Inbox.com AS
NO 920 243 347
All rights reserved.